Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
- Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
- PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.
/lib/webauthn/src/ -> WebAuthn.php (source)
(no description)
Defines 1 class
WebAuthn:: (11 methods):
__construct()
addRootCertificates()
getChallenge()
getCreateArgs()
getGetArgs()
getSignatureCounter()
processCreate()
processGet()
queryFidoMetaDataService()
_checkOrigin()
_createChallenge()
WebAuthn
| __construct($rpName, $rpId, $allowedFormats=null, $useBase64UrlEncoding=false) X-Ref |
| Initialize a new WebAuthn server param: string $rpName the relying party name param: string $rpId the relying party ID = the domain name param: bool $useBase64UrlEncoding true to use base64 url encoding for binary data in json objects. Default is a RFC 1342-Like serialized string. |
| addRootCertificates($path, $certFileExtensions=null) X-Ref |
| add a root certificate to verify new registrations param: string $path file path of / directory with root certificates param: array|null $certFileExtensions if adding a direction, all files with provided extension are added. default: pem, crt, cer, der |
| getChallenge() X-Ref |
| Returns the generated challenge to save for later validation return: ByteBuffer |
| getCreateArgs($userId, $userName, $userDisplayName, $timeout=20, $requireResidentKey=false, $requireUserVerification=false, $crossPlatformAttachment=null, $excludeCredentialIds=array() X-Ref |
| generates the object for a key registration provide this data to navigator.credentials.create param: string $userId param: string $userName param: string $userDisplayName param: int $timeout timeout in seconds param: bool|string $requireResidentKey 'required', if the key should be stored by the authentication device param: bool|string $requireUserVerification indicates that you require user verification and will fail the operation param: bool|null $crossPlatformAttachment true for cross-platform devices (eg. fido usb), param: array $excludeCredentialIds a array of ids, which are already registered, to prevent re-registration return: \stdClass |
| getGetArgs($credentialIds=array() X-Ref |
| generates the object for key validation Provide this data to navigator.credentials.get param: array $credentialIds binary param: int $timeout timeout in seconds param: bool $allowUsb allow removable USB param: bool $allowNfc allow Near Field Communication (NFC) param: bool $allowBle allow Bluetooth param: bool $allowHybrid allow a combination of (often separate) data-transport and proximity mechanisms. param: bool $allowInternal allow client device-specific transport. These authenticators are not removable from the client device. param: bool|string $requireUserVerification indicates that you require user verification and will fail the operation return: \stdClass |
| getSignatureCounter() X-Ref |
| returns the new signature counter value. returns null if there is no counter return: ?int |
| processCreate($clientDataJSON, $attestationObject, $challenge, $requireUserVerification=false, $requireUserPresent=true, $failIfRootMismatch=true, $requireCtsProfileMatch=true) X-Ref |
| process a create request and returns data to save for future logins param: string $clientDataJSON binary from browser param: string $attestationObject binary from browser param: string|ByteBuffer $challenge binary used challange param: bool $requireUserVerification true, if the device must verify user (e.g. by biometric data or pin) param: bool $requireUserPresent false, if the device must NOT check user presence (e.g. by pressing a button) param: bool $failIfRootMismatch false, if there should be no error thrown if root certificate doesn't match param: bool $requireCtsProfileMatch false, if you don't want to check if the device is approved as a Google-certified Android device. return: \stdClass |
| processGet($clientDataJSON, $authenticatorData, $signature, $credentialPublicKey, $challenge, $prevSignatureCnt=null, $requireUserVerification=false, $requireUserPresent=true) X-Ref |
| process a get request param: string $clientDataJSON binary from browser param: string $authenticatorData binary from browser param: string $signature binary from browser param: string $credentialPublicKey string PEM-formated public key from used credentialId param: string|ByteBuffer $challenge binary from used challange param: int $prevSignatureCnt signature count value of the last login param: bool $requireUserVerification true, if the device must verify user (e.g. by biometric data or pin) param: bool $requireUserPresent true, if the device must check user presence (e.g. by pressing a button) return: boolean true if get is successful |
| queryFidoMetaDataService($certFolder, $deleteCerts=true) X-Ref |
| Downloads root certificates from FIDO Alliance Metadata Service (MDS) to a specific folder https://fidoalliance.org/metadata/ param: string $certFolder Folder path to save the certificates in PEM format. param: bool $deleteCerts delete certificates in the target folder before adding the new ones. return: int number of cetificates |
| _checkOrigin($origin) X-Ref |
| checks if the origin matchs the RP ID param: string $origin return: boolean |
| _createChallenge($length = 32) X-Ref |
| generates a new challange param: int $length return: string |
